[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: chkrootkit and linux 2.6

Right now chkrootkit gets lots of false positives regarding LKMs.  There
was a pretty thorough discussion just a couple days ago so look through
the archive for the details:

So, its _probably_ a false alarm, but ....

David Ehle
Computing Systems Manager
rm 077
LS Bld. IIT Main Campus
Chicago IL 60616

On Tue, 2 Dec 2003, Miek Gieben wrote:

> Hello,
> When reading again about the (Debian) breakin, it said you should run chkrootkit
> to see if you have a rootkit installed. Well I did. But now it is complaining
> about a LKM rootkit. But i'm running a 2.6 kernel, is this still valid then?
> I've checked the md5sums of some commands (ps, kill, ...) and they are equal
> to the ones I just downloaded from a debian archive.
> I'm not subscribe to the list - so please cc me,
> thanks,
> grtz
>       Miek
> --
> Serenity now!
> -- Frank Costanza (Seinfeld)
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: